Description
The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blaze_demo_importer_install_plugin' function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate a limited number of specific plugins. The News Kit Elementor Addons plugin and a BlazeThemes theme must be installed and activated in order to exploit the vulnerability.
Published: 2025-09-16
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Limited Plugin Install via Missing Authorization
Action: Patch
AI Analysis

Impact

The Blaze Demo Importer plugin for WordPress contains a function called blaze_demo_importer_install_plugin that performs no capability check. As a result, any authenticated user with Subscriber level or higher can invoke the function to install and activate a small, predefined set of plugins. The plugin specifically allows the installation of the News Kit Elementor Addons plugin and a BlazeThemes theme. The impact is limited to these particular installations and does not provide full arbitrary plugin deployment or direct code execution.

Affected Systems

WordPress sites running Blaze Demo Importer version 1.0.12 or earlier are affected. The vulnerability can only be exploited if the News Kit Elementor Addons plugin and a BlazeThemes theme are already installed and activated on the same site, as these are required components of the exploit path.

Risk and Exploitability

The overall severity is medium with a CVSS score of 4.3 and an EPSS score below 1%, indicating a low likelihood of real-world exploitation at present. The vulnerability is not listed in the CISA KEV catalog. While the attack vector requires user authentication at the Subscriber level or higher, the limited scope of exploitable plugins reduces the potential breadth of impact, yet still poses a tangible risk for sites that have the required components installed.

Generated by OpenCVE AI on April 21, 2026 at 19:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Blaze Demo Importer to a version that includes the missing capability check
  • If an upgrade is not possible, remove or deactivate the News Kit Elementor Addons plugin and any BlazeThemes theme that could satisfy the exploit requirements
  • Add a custom code snippet that disables blaze_demo_importer_install_plugin or restricts its execution to administrator-level users to restore proper authorization

Generated by OpenCVE AI on April 21, 2026 at 19:05 UTC.
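The weakness behind this record (CWE-862, a privileged action reachable by any logged-in user because the handler never checks a capability) is easiest to see next to its fix. The following is an added illustration, not the Blaze Demo Importer's own source: a hypothetical WordPress AJAX handler (prefix "example_", constructed slugs) shown first in the vulnerable shape and then with the nonce, capability and allowlist checks that the recommended actions call for. The WordPress APIs used (current_user_can, check_ajax_referer, plugins_api, Plugin_Upgrader, activate_plugin) are real; everything prefixed "example_" is assumed for the illustration.

```php
<?php
// Added illustration of CWE-862 in a WordPress plugin-install handler.
// Hypothetical code (everything prefixed "example_"); NOT the Blaze Demo
// Importer's own source. Lives inside a plugin file loaded by WordPress.

// Shared install helper built on WordPress' own upgrader classes.
function example_do_install_and_activate( $slug ) {
    require_once ABSPATH . 'wp-admin/includes/plugin-install.php';
    require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
    require_once ABSPATH . 'wp-admin/includes/plugin.php';

    // Resolve the slug to a wordpress.org package URL.
    $api = plugins_api( 'plugin_information', array(
        'slug'   => $slug,
        'fields' => array( 'sections' => false ),
    ) );
    if ( is_wp_error( $api ) ) {
        return $api;
    }

    $upgrader = new Plugin_Upgrader( new WP_Ajax_Upgrader_Skin() );
    $result   = $upgrader->install( $api->download_link );
    if ( is_wp_error( $result ) || ! $result ) {
        return new WP_Error( 'example_install_failed', 'Installation failed.' );
    }

    // activate_plugin() returns null on success, WP_Error on failure.
    return activate_plugin( $upgrader->plugin_info() );
}

// VULNERABLE PATTERN: wp_ajax_* handlers are reachable by every authenticated
// user (Subscriber and up). Nothing here asks whether the caller may install
// plugins, and there is no nonce, so the only gate is "is logged in".
function example_install_plugin_vulnerable() {
    $slug = isset( $_POST['slug'] ) ? sanitize_key( wp_unslash( $_POST['slug'] ) ) : '';
    $r    = example_do_install_and_activate( $slug );
    is_wp_error( $r ) ? wp_send_json_error( $r->get_error_message() ) : wp_send_json_success();
}
// add_action( 'wp_ajax_example_install_plugin', 'example_install_plugin_vulnerable' );

// HARDENED PATTERN: CSRF nonce, explicit capability checks for both actions the
// handler performs, and an allowlist so the importer only ever installs what it
// was designed to install. Order matters: reject before doing any work.
function example_install_plugin_hardened() {
    check_ajax_referer( 'example_install_plugin', 'nonce' ); // dies on failure

    if ( ! current_user_can( 'install_plugins' ) || ! current_user_can( 'activate_plugins' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    $allowed = array( 'example-plugin-one', 'example-plugin-two' ); // constructed allowlist
    $slug    = isset( $_POST['slug'] ) ? sanitize_key( wp_unslash( $_POST['slug'] ) ) : '';
    if ( ! in_array( $slug, $allowed, true ) ) {
        wp_send_json_error( array( 'message' => 'Plugin not permitted.' ), 400 );
    }

    $r = example_do_install_and_activate( $slug );
    is_wp_error( $r ) ? wp_send_json_error( $r->get_error_message(), 500 ) : wp_send_json_success();
}
add_action( 'wp_ajax_example_install_plugin', 'example_install_plugin_hardened' );
```

The capability check is the authorization fix this CVE is about; the nonce and allowlist are the checks a reviewer would expect beside it, since a capability check alone still leaves the handler open to cross-site request forgery against an administrator's session. When auditing a site for this class of issue, search plugin code for `wp_ajax_` hooks (not `wp_ajax_nopriv_`) whose callbacks perform writes without a `current_user_can()` call.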

Advisories

Source: EUVD
ID: EUVD-2025-29548
Title: The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blaze_demo_importer_install_plugin' function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate a limited number of specific plugins. The News Kit Elementor Addons plugin and a BlazeThemes theme must be installed and activated in order to exploit the vulnerability.

History

Wed, 17 Sep 2025 11:00:00 +0000

Type                 Values Removed    Values Added
First Time appeared                    Wordpress; Wordpress wordpress
Vendors & Products                     Wordpress; Wordpress wordpress

Tue, 16 Sep 2025 20:15:00 +0000

Type                 Values Removed    Values Added
Metrics                                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 16 Sep 2025 11:30:00 +0000

Type                 Values Removed    Values Added
Description                            The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blaze_demo_importer_install_plugin' function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate a limited number of specific plugins. The News Kit Elementor Addons plugin and a BlazeThemes theme must be installed and activated in order to exploit the vulnerability.
Title                                  Blaze Demo Importer <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install
Weaknesses                             CWE-862
References
Metrics                                cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:14:03.943Z

Reserved: 2025-07-31T19:44:08.833Z

Link: CVE-2025-8446

Vulnrichment

Updated: 2025-09-16T19:30:00.680Z

NVD

Status : Deferred

Published: 2025-09-16T12:15:34.380

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-8446

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T19:15:26Z

Weaknesses